NHS Vendor to Pay $3.8 Million Fine in U.K. Ransomware Attack

NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection regulator has confirmed. The ICO said that Advanced “broke data protection law” by not fully rolling out multi-factor authentication prior to its breach, which allowed hackers to break in with stolen credentials and steal the personal information of tens of thousands of people across the United Kingdom.

The GigaLaw Firm helps companies of all sizes protect their brands online, using domain name dispute policies – such as the Uniform Domain Name Dispute Resolution Policy (UDRP) – and other legal tools available to copyright and trademark owners on the Internet.